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Top Stories 

• The U.S. Department of the Interior along with the U.S. President’s administration released 
March 20 new federal regulations on hydraulic fracturing which are set to go into effect in 
June. - New York Times (See item 1) 

• A stretch of railroad tracks near Hudson, Colorado, suffered extensive damage and was 
closed indefinitely March 22 after 27 freight cars of a Burlington National Santa Fe 
Railway train derailed. - Associated Press; KUSA 9 Denver (See item 7 ) 

• An armed man attacked several Transportation Security Administration agents at the Louis 
Armstrong New Orleans International Airport in Louisiana March 20 before he was fatally 
shot by a law enforcement officer. - Reuters (See item 9 ) 

• Snowy conditions March 20 prompted the cancelation of several hundred flights at New 
Jersey and New York airports and prompted the Federal Aviation Administration to issue a 
ground control program that caused delays for arriving flights. - Newark Star-Ledger (See 
item 10 ) 
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Energy Sector 



1. March 20, New York Times - (National) New federal rules are set for fracking. The 
U.S. Department of the Interior along with the U.S. President’s administration released 
March 20 new federal regulations on hydraulic fracturing which include allowing 
government workers to inspect and validate concrete barriers that line fracking wells, 
and a requirement for companies to disclose the chemicals used during the fracturing 
process within 30 days of completing fracking operations, among other rules set to go 
into effect in June. 

Source: http://www.nytimes.com/2015/03/21/us/politics/obama-administration-unveils- 
federal-fracking-regulations.html 

[ Return to top ] 

Chemical Industry Sector 

2. March 22, KWTX 10 Waco - (Texas) Cleanup underway after train hauling 
chemicals derails. Twelve cars of a Burlington Northern Santa Fe (BNSF) Railway 
train derailed near Valley Mills, Texas, March 21 causing about 7,000 gallons of 
dimethylformamide, an industrial solvent, to spill from a tanker car. A HAZMAT team 
worked to contain the spill, while crews removed the derailed cars and repaired 
damaged track and a bridge. 

Source: http://www.kwtx.com/home/headlines/BREAKING-Train-297140101.html 

T Return to top i 

Nuclear Reactors, Materials, and Waste Sector 

3. March 22, Berkeley Patch - (New Jersey) Oyster Creek nuclear plant in Lacey shuts 
down - again. The Oyster Creek Nuclear Generating Station in Lacey Township 
underwent an automatic shutdown March 22 due to an electrical issue in a system that 
controls steam pressure at the plant. Exelon Corporation officials stated that the plant 
will return to service once the pressure control system is repaired. 

Source: http://patch.com/new-iersev/berkelev-ni/ovster-creek-nuclear-plant-lacey- 
shuts-down-again 

4. March 21, WWJ 62 Detroit; Associated Press - (Michigan) Fermi 2 nuclear plant 
shuts down after water leak detected. Officials at DTE Energy Co., reported that the 
Fermi 2 nuclear plant in Frenchtown Township was taken offline after a safety 
monitoring system initiated an automatic shutdown March 19 due to a water leak in a 
system that cools heat exchanges in the plant. The leak was contained and the exact 
cause remains under investigation. 

Source: http://detroit.cbslocal.com/2015/03/21/fermi-2-nuclear-plant-shuts-down-after- 
water- leak-detected/ 

[ Return to top ] 
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Critical Manufacturing Sector 



See item 5 
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Defense Industrial Base Sector 

5. March 22, Reuters - (National) U.S., Lockheed fixing software glitch with GPS 
satellites. Lockheed Martin Corp announced that the company is working to resolve a 
technical error disclosed by the U.S. Air Force March 22 that involves the ground- 
based control system used to index some messages transmitted by global positioning 
system (GPS) IIF satellites built by Boeing Co. A “workaround” was put in place to 
avoid further errors while the company and the Air Force develop a full software 
correction for the flaw that had gone unnoticed since 2013. 

Source: http://www.reuters.com/article/2015/03/23/usa-airforce-satellite- 
idUSL2N0WO0EW20150323?feedType=RSS&feedName=everything&virtualBrandC 
hannel= 11563 

[ Return to top ] 

Financial Services Sector 

6. March 23, Securityweek - (International) Dridex banking malware dodges detection 
with run-on-close macros. Security researchers at Proofpoint discovered that the 
Dridex banking malware is using run-on-close macros in infected Microsoft Office 
documents to avoid detection by malware sandboxes and antivirus software. The 
Dridex malware was previously linked to attacks targeting banking customers in the 
U.S., Canada, and the U.K. 

Source: http://www.securitvweek.com/dridex-banking-malware-dodges-detection-run- 
close-macros 



For another story, see item 5 
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Transportation Systems Sector 

7. March 22, Associated Press; KUSA 9 Denver - (Colorado) Train derails in Weld 
County. A stretch of railroad tracks near Hudson, Colorado, suffered extensive damage 
and was closed indefinitely March 22 after at least 27 freight cars of a Burlington 
National Santa Fe Railway Co. (BNSF) train derailed and spilled an unspecified 
amount of coal. Crews used front-end loaders to clear the scene, and no environmental 
impact was reported. 

Source: http://www.9news.com/story/news/2015/Q3/22/train-derails-in-weld- 
county/25181437/ 
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8. March 22, Eureka Times-Standard - (California) Update: Eureka man killed after 
struck by car on Highway 101 near Areata. Various lane closures were in effect on 
both sides of U.S. 101 near Areata for approximately 4 hours March 21 after a driver 
travelling southbound on the highway lost control of his pickup truck and crossed over 
the median into a northbound lane where the driver and the truck were struck by an 
oncoming vehicle. The pickup driver died and the second driver was injured as a result 
of the collision. 

Source: http://www.times-standard.com/general-news/20150321/update-eureka-man- 
killed-after-struck-by-car-on-highwav- 101 -near- areata 

9. March 21, Reuters - (Louisiana) Officer shoots man who attacked TSA agents at 
New Orleans airport. A man armed with a machete and wasp spray attacked several 
Transportation Security Administration (TSA) agents in Concourse B at the Louis 
Armstrong New Orleans International Airport March 20 before he was fatally shot by a 
law enforcement officer, while a TSA agent suffered non-life-threatening injuries when 
she was accidentally struck by the officer’s gunfire. The concourse was secured while 
authorities investigated the incident and was scheduled to reopen March 21. 

Source: http://www.reuters.com/article/2015/03/21/us-usa-shooting-airport- 
idUSKBN0MH01S20 150321 

10. March 20, Newark Star-Ledger - (New Jersey; New York) Nearly 800 flights 
canceled at the 3 area airports. Snowy conditions March 20 prompted the cancelation 
of about 380 flights at Newark Liberty International Airport, 231 flights at LaGuardia 
Airport, and 154 flights at John F. Kennedy International Airport. The Federal Aviation 
Administration issued a ground control program, which delayed arriving flights at the 
airports for an average of more than 3 hours. 

Source: 

http://www.ni.com/news/index.ssf/2015/03/weather causes massive flight cancellatio 
ns and de.html 



For additional stories, see items 2 and 5 
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Food and Agriculture Sector 

11. March 22, U.S. Food and Drug Administration - (National) Voluntary recall for 
potential health risk O’Coconut. The U.S. Food and Drug Administration announced 
March 21 that Nutiva initiated a recall for three of its O’Coconut products after the 
Organic Superfoods company was notified by a supplier that samples of a raw material 
in the product were possibly contaminated with Salmonella. 

Source: http://www.fda.gov/Safety/Recalls/ucm439285.htm 

12. March 21, U.S. Food and Drug Administration - (Texas) Texas Star Nut and Food 
Co. Inc. natural macadamia nuts are being voluntarily recalled due to possible 
Salmonella contamination. Texas Star Nut and Food Co., Inc. announced March 20 a 
recall for its Nature’s Eats Natural Macadamia Nuts sold at HEB stores in Texas due to 
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possible Salmonella contamination. The recall was initiated after Salmonella bacteria 
were detected in the product routine sampling by the U.S. Food and Drug 
Administration. 

Source: http://www.fda.gov/Safety/Recalls/ucm439283.htm 

13. March 21, U.S. Food and Drug Administration - (California) La Terra Fina recalls 
organic spinach dip sold in Bay Area Costco clubs. The U.S. Food and Drug 
Administration reported March 20 that La Terra Fina issued a voluntary recall for 24- 
ounce containers of its Organic Thick & Creamy Spinach Dip & Spread sold in Bay 
Area Costco stores due to possible Listeria exposure. 

Source: http://www.fda.gov/Safety/Recalls/ucm439279.htm 

14. March 21, U.S. Food and Drug Administration - (International) Aurora Products, 

Inc. voluntarily recalls certain Aurora Natural brand and certain private label 
brand walnuts and trail mixes due to possible health risk. The U.S. Food and Drug 
Administration reported March 20 that Aurora Products, Inc., issued a voluntary recall 
of certain lots of natural walnuts and trail mixes containing walnuts due to possible 
Salmonella contamination. The recall includes Aurora Natural brand and certain private 
label brand products that were distributed through retail stores nationwide, and in 
Canada and Bermuda. 

Source: http://www.fda.gov/Safety/Recalls/ucm439284.htm 

15. March 20, North Country Public Radio - (New York) 50,000 chickens believed to 
have died in blaze at Giroux's Poultry Farm. About 50,000 hens perished in a bam 
fire at Giroux’s Poultry Farm in Chazy, New York, March 19. The cause of the fire 
remains under investigation. 

Source: http://www.northcountrvpublicradio.org/news/storv/27834/20150320/50-000- 
chickens-believed-to-have-died-in-blaze-at-giroux-s-poultry-farm 

16. March 20, WTHR 13 Indianapolis - (Indiana) Frito-Lay warehouse in Gas City a 
total loss after early morning blaze. A Frito Lay warehouse located in a Gas City 
industrial park was rendered a total loss and damage was estimated to total $425,000 
following a March 20 fire that was sparked by an electrical issue. 

Source: http://www.wthr.com/storv/28569148/fire-at-frito-lav-warehouse-in-gas-citv 

17. March 20, U.S. Department of Agriculture - (International) Boa Yida Imports recalls 
pork and beef products imported from an ineligible country without benefit of 
import inspection. Boa Vida Imports of New Bedford, Massachusetts, recalled about 
385 pounds of pork and beef products that were imported from Portugal, a country not 
currently eligible for import, and were not presented at the U.S. point of entry for 
inspection by the U.S. Department of Agriculture. The recalled products were shipped 
to retailers in southeastern Massachusetts. 

Source: http://www.fsis.usda.gov/wps/portal/fsis/topics/recalls-and-public-health- 
alerts/recall-case-ai'chive/archi ve/20 1 5/recall-050-20 1 5-release 

18. March 20, U.S. Department of Agriculture - (Massachusetts) Van Lang Foods recalls 



-5 - 



pork and chicken products due to misbranding and undeclared allergen. The Food 
Safety and Inspection Service announced March 20 a recall for about 232 pounds of 
pork potstickers and chicken dim sum due to undeclared egg caused by misbranding. 
The recalled products were shipped to a distributor for retail sales in New Bedford, 
Massachusetts. 

Source: http://www.fsis.usda.gov/wps/portal/fsis/topics/recalls-and-public-health- 
alerts/recall-case-archive/archive/2015/recall-049-201 5-release 



19. March 20, U.S. Food and Drug Administration - (Florida) Taylor Farms Florida 
issues allergen alert on undeclared soy in Kale and Quinoa Salad. The U.S. Food 
and Drug Administration reported March 20 that Taylor Farms Florida Inc., recalled 
134 units of its Kale and Quinoa Salad due to undeclared soy in the salad’s dressing 
packet. The recalled salads were packaged in 7.5-ounce containers and sold in select 
Wawa stores in Florida. 

Source: http://www.fda.gov/Safety/Recalls/ucm439262.htm 

20. March 20, U.S. Food and Drug Administration - (National) Giant Eagle voluntarily 
recalls Raisin Filled and Apricot Filled cookies due to an undeclared milk 
allergen. The U.S. Food and Drug Administration announced March 20 that Giant 
Eagle voluntarily recalled all lots of Giant Eagle brand Raisin Filled and Apricot Filled 
cookies that were baked and sold individually from the Bakery department service 
counters inside Giant Eagle and Market District supermarkets in several States. The 
recall was initiated during ongoing ingredient declaration monitoring that revealed that 
the product label for the cookies did not declare milk. 

Source: http://www.fda.gov/Safety/Recalls/ucm439274.htm 

For another story, see item 5 
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Water and Wastewater Systems Sector 

21. March 20, Associated Press - (North Dakota) Water boil order remains in Divide 
and Burke counties. A boil order remains in effect until at least March 24 for some 
residents of Burke and Divide counties in North Dakota, while the Western Area Water 
Supply Authority continues to repair a permanent water line that broke during the 
weekend of March 14. 

Source: http://kfgo.com/news/articles/2015/mar/20/water-boil-order-rernains-in-divide- 
and-burke-counties/ 



T Return to top i 



Healthcare and Public Health Sector 

22. March 21, Ypsilanti Courier - (Michigan) Owner of pain clinic in Pittsfield 
Township, doctors indicted on federal drug charges. Federal agents arrested the 
owner of the Meghnot Comprehensive Center for Hope in Pittsfield Township along 
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with 3 physicians and the office manager March 17 in connection with selling 
prescription drugs for cash from September 2011 to March 2015. The indictment 
alleges that the doctors prescribed hundreds of thousands of dosage units of controlled 
substances outside the scope of normal medical practice to patients who had no medical 
necessity for the drugs. 

Source: 

http://www.heritage.com/articles/2015/03/21/vpsilanti courier/news/doc5509e59d446c 



4459295371.txt 



23. March 20, Central Florida News 13 - (Florida) Florida Hospital fires 2 for copying 
9,000 patients’ records. Florida Hospital notified 9,000 patients March 20 after their 
medical records which may have included names, Social Security numbers, and 
additional personal information, were copied by 2 former employees from January 
2012 to May 2014 at 8 Florida Hospital locations. The former workers allegedly 
printed patient “face sheets” and the hospital system does not believe any information 
was misused. 

Source: 

http://www.mvnewsl3.com/content/news/cfnewsl3/news/article.html/content/news/arti 
cles/cfn/2015/3/20/fl hospital privacy.html 

For another story, see item 32 
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Government Facilities Sector 

24. March 23, KHOU 11 Houston - (Texas) Willowridge HS closed Monday due to 
power outage. Fort Bend Independent School District officials announced March 22 
that classes at Willowridge High School were canceled March 23 due to a power 
outage caused by an electrical short in a transformer March 21. Crews were working to 
restore power to the campus. 

Source: http://www.khou.com/story/news/local/2015/03/22/willowridge-hs-closed- 
mondav-due-to-power-outage/25 198291/ 

25. March 21, WCBS 2 New York City; Associated Press - (Connecticut) 9 students hurt 
when school bus crashes into house in Stamford. An accidental break failure caused 
a school bus carrying Stamford Public School students to crash into a residential home 
on Vine Road near Turn of River Middle School, leaving dozens of students injured 
including nine that were transported to a local hospital March 20. 

Source: http://newvork.cbslocal.com/2015/03/20/school-bus-crashes-in-stamford-after- 
early-dismissal-due-to-snow/ 

26. March 20, Newport News Daily Press - (Virginia) Students, teacher taken to 
hospital after Poquoson bus accident on 1-64. One teacher and 5 Poquoson 
Elementary School students were transported to an area hospital after their school bus 
driver lost control on an Interstate 64 off-ramp in Newport News and ran off the road 
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into a ditch March 20. 

Source: http://www.dailypress.com/news/traffic/dp-students-teacher-taken-to-hospital- 
after-poquoson-bus-accident-on-i64-20150320-story.html 

27. March 20, Vermont Press Bureau - (Vermont) Data breach reported by the Vermont 
Department of Labor. The Vermont Department of Labor released March 20 that a 
former employee intentionally obtained the names and Social Security numbers of at 
least 39 individuals from the department’s unemployment database during regular work 
duties February 24. Authorities seized the employee’s personal computer devices and 
copies of documents as part of an ongoing investigation and found Social Security 
numbers for an additional 41 individuals in the former worker’s possession. 

Source: http://www.vermontpressbureau.com/data-breach-reported-by-the-vermont- 
department-of-labor/ 

28. March 20, Jackson Clarion-Ledger - (Mississippi) Germantown Middle School bus 
overturns in Canton. Authorities are investigating after 17 Germantown Middle 
School students were transported to area hospitals with injuries after their school bus 
overturned in Canton, Mississippi, March 20. 

Source: http://www.clarionledger.com/storv/news/2015/03/20/school-bus-canton- 
overturns/25 106085/ 

T Return to top i 

Emergency Services Sector 

Nothing to report 
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Information Technology Sector 

29. March 23, Softpedia - (International) New point-of-sale malware PoSeidon 

exfiltrates card data to Russian domains. Security researchers from Cisco Systems’ 
Talos Security Intelligence and Research Group discovered that cybercriminals are 
using a new point-of-sale (PoS) malware family dubbed PoSeidon that infects systems 
via a binary file and uses a memory scraping technique to retrieve and clone Discover, 
American Express, MasterCard, and Visa card information before delivering it to 
command and control (C&C) servers in Russia. The malware contains routines to 
ensure persistence regardless of restart or user log-off. 

Source: http://news.softpedia.com/news/New-Point-of-Sale-Malware-PoSeidon- 
Exfiltrates-Card-Data-to-Russian-Domains-476498.shtml 



30. March 23, Softpedia - (International) CryptoWall ransomware also adds infostealer 
to compromised systems. Security researchers at Trend Micro discovered that the 
latest version of the CryptoWall ransomware contains the Fareit infostealer which 
collects credentials from programs including email clients, Web browsers, file transfer 
protocol (FTP) clients, and digital currency wallets. The malware is delivered via an 
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archived JavaScript attachment in an email claiming to deliver a resume that connects 
to command and control (C&C) servers to download JPG images as a ploy to bypass 
intrusion detection systems (IDS). 

Source: http://news.softpedia.com/news/CryptoWall-Ransomware-Also-Adds- 
Infostealer-to-Compromised-Systems-47648 1 .shtml 

31. March 23, Help Net Security - (International) Cisco Small Business IP phones 
vulnerable to eavesdropping. Cisco Systems confirmed that its Small Business SPA 
300 and 500 series IP phones with firmware version 7.5.5 or older, contain flaws in 
authentication settings that could allow attackers to listen in on phone audio streams or 
make calls remotely by sending crafted extensible markup language (XML) requests to 
the affected device. The company is reportedly working on a patch to address the 
vulnerability. 

Source: http://www.net-security.org/secworld.php?id=18119 

32. March 23, IDG News Service - (International) Fake patient data could have been 
uploaded through SAP medical app. SAP fixed two issues in the Electronic Medical 
Records (EMR) Unwired app that could have allowed attackers to potentially leverage 
an SQL injection flaw and configuration file vulnerability to access the embedded 
database and change medical records stored on the server. 

Source: http://www.computerworld.com/article/2900338/fake-patient-data-could-have- 
been-uploaded-through-sap-medical-app.html 

For another story, see item 6 



Internet Alert Dashboard 



To report cyber infrastructure incidents or to request information, please contact US-CERT at soc@us-cert.gov or 
visit their Web site: http://www.us-cert.gov 

Information on IT information sharing and analysis can be found at the IT ISAC (Information Sharing and 
Analysis Center) Web site: http://www.it-isac.org 
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Communications Sector 

See item 31 
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Commercial Facilities Sector 

33. March 23, Softpedia - (International) Account hijacking flaw patched by Hilton 
Hotels in HHonors Website. Hilton Hotels & Resorts announced that it patched a flaw 
on its Hilton HHonors reward program’s Web site that allowed attackers to exploit a 
cross-site request forgery (CSRF) vulnerability to hijack any profile based on its 
account number and access a customer’s account information. No incidents taking 
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advantage of the problem have been reported. 

Source: http://news.softpedia.com/news/Account-Hiiacking-Flaw-Patched-by-Hilton- 
Hotels-in-HHonors-Website-476471.shtml 



34. March 21, Reuters - (Maine) Seven skiers hurt in lift malfunction at Maine's 
Sugarloaf resort. Seven individuals were injured, including 3 people that were 
hospitalized March 21 when the King Pine chairlift at the Sugarloaf Mountain Resort in 
Maine malfunctioned and caused its chairs to roll back several hundred feet. About 230 
people that were being carried up the mountain were evacuated from the lift which was 
closed indefinitely pending an investigation of the malfunction. 

Source: http://www.reuters.com/article/2015/03/21/us-usa-maine-chahiift- 
idUSKBN0MH0QI201 50321 



35. March 21, KPIX 5 San Francisco; Bay City News Service - (California) 2 men killed, 
more than 30 displaced in early-morning Oakland apartment fire. A 3-alarm fire 
that engulfed 2 Oakland apartment buildings March 21 killed 2 individuals and 
displaced about 30 residents. The cause of the fire is under investigation. 

Source: http://sanfrancisco.cbslocal.com/2015/03/21/2-killed-dozens-displaced- 
oakland-apartment-fire/ 

36. March 20, WFMJ 21 Youngstown - (Ohio) Owner estimates $1,000,000 fire damage 
to Youngstown business. A fire and series of explosions engulfed the Asphalt 
Solutions business in Youngstown March 19 and caused an estimated $1 million in 
damage. One firefighter was transported to an area hospital after he was rescued from 
the building as the roof was ready to collapse. 

Source: http://www.wfmi.com/storv/28565659/voungstown-firefighter-iniured-battling- 
business-blaze 
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Dams Sector 

Nothing to report 
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To report physical infrastructure incidents or to request information, please contact the National Infrastructure 
Coordinating Center at nicc@hq.dhs.gov or (202) 282-9201. 

To report cyber infrastructure incidents or to request information, please contact US -CERT at soc@us-cert.gov or visit 
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